<?php
/*
제작자 : AJKJ email : nospam.forward.to.me+dyform_nospam@gmail.com
라이센스 : 비 상업적 목적에 한하여 LGPLv2
Ver 0.3.2
*/



if(!defined("__XE__")) exit();


if ($called_position == 'before_module_init')
{
	// 랜덤 seed를 만들어 냅니다. 서버 및 XE마다 고유한 값을 이용하기 위하여, 서버ip, 세션id, db정보를 이용합니다.
	$seed = $_SERVER['SERVER_ADDR'].serialize($oContext->db_info->master_db).'salt:kNrmTp*%O/J~Zl9&#U#5K%hPspI].PevE6{&y5>-ucjPZfym<>'.session_id();

	$abc_chr = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
	$abcnum_chr = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
	$abc_array = array();
	$abcnum_array = array();

	// mt_rand에 seed를 줍니다.
	mt_srand( crc32($seed) );

	//a-z A-z중 한글자씩 랜덤으로 뽑아냅니다.
	array_push($abc_array, substr($abc_chr, mt_rand(0, 51),1),
								substr($abc_chr, mt_rand(0, 51),1),
								substr($abc_chr, mt_rand(0, 51),1) );

	//a-z A-z 0-9중 한글자씩 랜덤으로 뽑아냅니다.
	array_push($abcnum_array, substr($abcnum_chr, mt_rand(0,61),1),
										substr($abcnum_chr, mt_rand(0,61),1) );

	// input name, value에 사용할 값을 추출합니다.
	$random_string = base64_encode(hash('sha512', $seed.'salt:Y~09xQv_Pg{:g^D+T:m.&AQ+c.m8nH~tk4]?T+3,U&T0#+p%(', true));

	// css class에 사용할 값을 추출합니다. 값이 실시간 바뀌어도 상관없으므
	$random_string_css = base64_encode(hash('sha1', $seed.'salt:9y(vQUC)q[3l$9!z@'.time().microtime().serialize($_SERVER), true));

	$random_string = str_replace(array('+','/','='), $abcnum_array,  $random_string);
	$random_string_css = str_replace(array('+','/','='), $abcnum_array,  $random_string_css);

	// 스트링을 적당히 잘라준다.
	$dyform_nospam_string->string1 = substr($random_string, 0,  mt_rand(10,26));
	$dyform_nospam_string->string2 = substr($random_string, 21, mt_rand(10,26));
	$dyform_nospam_string->string3 = substr($random_string, 41, mt_rand(10,26));

	//mt_srand()에 기본 seed를 넣어준다(다른 addon 에서 사용 고려 및 초기화)
	mt_srand();
	$dyform_nospam_string->css = substr($random_string_css, 0, mt_rand(10,36));
	

	
	// 모든 String의 첫글자는 영문자로 시작해야 함.
	$dyform_nospam_string->string1 = array_pop($abc_array) . $dyform_nospam_string->string1;
	$dyform_nospam_string->string2 = array_pop($abc_array) . $dyform_nospam_string->string2;
	$dyform_nospam_string->string3 = array_pop($abc_array) . $dyform_nospam_string->string3;
	$dyform_nospam_string->css = substr($abc_chr, mt_rand(0, 51),1) . $dyform_nospam_string->css;
	
	// name에는 소문자가 들어가서는 안됨
	$dyform_nospam_string->string1=strtolower($dyform_nospam_string->string1);
	$dyform_nospam_string->string2=strtolower($dyform_nospam_string->string2);

	if (Context::get('act') == 'procMemberInsert' ||
		Context::get('act') == 'procBoardInsertDocument' ||
		Context::get('act') == 'procBoardInsertComment' )
	{ 

		if( !(Context::get($dyform_nospam_string->string1) == NULL &&
			Context::get($dyform_nospam_string->string2) == $dyform_nospam_string->string3) )
		{
			Context::Close();
			header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found"); 
			echo "<h1>404 Not Found</h1>";
			echo "The page that you have requested could not be found.";
			exit();

		}
		
	}
	$GLOBALS['dyform_nospam_string'] = $dyform_nospam_string;
	unset($abc_chr, $abcnum_chr,
			$abc_array, $abcnum_array,
			$random_string, $random_string_css,
			$seed, $dyform_nospam_string);
	
}

if($called_position == 'before_display_content')
{
	
	$dyform_nospam_string = $GLOBALS['dyform_nospam_string'];

	$js_wirte->input[0] = '<input name="'.$dyform_nospam_string->string1.'" type="text" value="" class="'.$dyform_nospam_string->css.'"/>';
	$js_wirte->input[1] = '<input name="'.$dyform_nospam_string->string2.'" type="hidden" value="'.$dyform_nospam_string->string3.'"/>';


	$js_wirte->first = "document.write('";
	$js_wirte->last = "')";

	$js_write = $js_wirte->first . $js_wirte->input[0] . $js_wirte->input[1] . $js_wirte->last;
	$js_write=rawurlencode($js_write);
	$js_write = '<script>eval(decodeURIComponent(\''.$js_write.'\'));</script>';


	
	$css_write = '<style>.'.$dyform_nospam_string->css.'{visibility:hidden;position:absolute}</style>';
	$css_write = $js_wirte->first . $css_write . $js_wirte->last;
	$css_write = rawurlencode($css_write);
	$css_write = '<script>eval(decodeURIComponent(\''.$css_write.'\'));</script>';


	$pattern_ING = '/<\s*form.*?method="post".*?\>/i';
	
	preg_match_all($pattern_ING, $output, $matches);
	
	foreach($matches[0] as $val) {
		$output  = str_replace($val ,$val.$js_write, $output );
   }
   context::addHtmlHeader($css_write);
   unset($pattern_ING, $matches, $val, $js_write ,$css_write, $dyform_nospam_string, $GLOBALS['dyform_nospam_string']);	
}
?>